this post was submitted on 22 Jun 2023
Windows 11 is extremely spyware, even more so than previous Windows versions.
That's why you enable the telemetry thing in the motherboard for the installation only and prolly disable it afterwards :p no warning errors, no fuss. Works. Shows how shit it is that they require it.
Uhhhh what telemetry thing in the motherboard?
If you mean the TPM, that's not for telemetry, it's for security. It does still have some implications you might not enjoy though - IF you use BitLocker on Windows AND have TPM enabled, I believe you can't move your drive to another device because it requires the original device's TPM for decryption (and no, you can't just swap out a TPM module either - it won't be considered the same device). That's about all you need to fear from the TPM.
All the Windows telemetry stuff is in Windows settings. And of course there's some you can't disable in Windows settings either, but there are scripts for stuff and you can run Pi-hole and block every non-essential Microsoft domain.
TPM isn't for your security, it's for Microsoft and Disney and other megacorps' security against you
That's a side effect of your device being more secure, yes. After all, the most secure device is a simple rock. Nobody can hack it and it can't rip Marvel movies off Disney+.
To be clear, Microsoft doesn't give a single fuck about you doing piracy, they actually need your device to be secure because otherwise you might switch to another OS for security. Disney and the like, however, will likely in the future require you to use a TPM2 device for advanced DRM.
Of course, if this is something you're rightly worried about, the right course of action isn't to install Windows and disable TPM (which also, as I said, does nothing for disabling telemetry). It's to install a Linux distro that's hopefully not Ubuntu, because that's way too commercial and not free enough.
Also, at the moment, the Linux desktop install base is small enough that any streaming service can just disable their services for Linux users altogether, TPM or not. So we do actually need to be voting with our OS installs and sooner rather than later.
What does it mean to be secure? Allowing a megacorp to mandate what you can and can't do on your own hardware means that hardware is less secure, not more.
It disallows certain attacks other people could perform on your devices. I've already explained this in 2 other comments in this thread.
Firstly, even with physical access to your device, it'll be harder to fuck with the firmware or software on your computer. Windows literally can't unlock your data if something's fucky, because TPM won't give it the required keys. Secondly, TPM can be used as a more secure way to store encryption keys in general. And thirdly, you get hardware random number generation, which can be very useful if your system's entropy is too low.
Yes, unfortunately it also means DRMs can force you to consume content on only the exact same hardware you purchased it for. But there ARE legitimate use cases for TPM too. TPM has been used in enterprise settings for over a decade.
Luckily for now at least, there's a solution for the whole DRM issue too. It's called piracy. Plenty of DRM-free content out there. It's possible that some streaming content literally won't reach your favourite torrent site because of hardware DRM, but I'm not TOO worried about it personally, because HDCP can be bypassed, so there's still a way to capture the signal, it's just between the computer and the screen.
But overall, definitely use Linux instead of Windows with TPM off if you're worried about ANY of this. And I mean, sure, keep TPM off, it's highly unlikely that you'll actually need the niche extra security it provides on a personal device.
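The key-withholding behaviour described in the comment above, as an added example that is not part of the thread: a simplified Python model of how a TPM folds boot measurements into a register (PCR) and releases a sealed key only when that register matches the value recorded at seal time. `ToyTPM`, the boot-chain byte strings and the key are constructed for illustration; a real TPM enforces this in hardware.

```python
import hashlib
import hmac
from typing import Dict, List, Optional

PCR_INIT = bytes(32)  # a SHA-256 PCR starts as 32 zero bytes after reset


def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new value = SHA-256(old value || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(chain: List[bytes]) -> bytes:
    """Replay a boot chain into one PCR; order and content both matter."""
    pcr = PCR_INIT
    for component in chain:
        pcr = extend(pcr, component)
    return pcr


class ToyTPM:
    """Simplified model: releases the sealed secret for one PCR value only."""

    def __init__(self) -> None:
        self._secret = b""
        self._expected = PCR_INIT

    def seal(self, secret: bytes, expected_pcr: bytes) -> None:
        self._secret, self._expected = secret, expected_pcr

    def unseal(self, current_pcr: bytes) -> Optional[bytes]:
        if hmac.compare_digest(current_pcr, self._expected):
            return self._secret
        return None  # boot state differs: the key stays inside the TPM


# Constructed sample boot chains (not real firmware images).
GOOD = [b"firmware v1", b"bootloader v1", b"kernel v1"]
TAMPERED = [b"firmware v1", b"bootloader v1 + implant", b"kernel v1"]
REORDERED = [b"bootloader v1", b"firmware v1", b"kernel v1"]


def demo() -> Dict[str, bool]:
    """Seal a disk key to the good boot state, then try each boot chain."""
    tpm = ToyTPM()
    tpm.seal(b"constructed-disk-key", measure_boot(GOOD))
    chains = {"good": GOOD, "tampered": TAMPERED, "reordered": REORDERED}
    return {name: tpm.unseal(measure_boot(c)) is not None
            for name, c in chains.items()}


if __name__ == "__main__":
    print(demo())
```

Because each extend hashes over the previous register value, a changed component cannot be "undone" by later measurements, which is why a modified bootloader leaves the disk key locked.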
The only one with physical access to my hardware trying to fuck with the software is me. Evil maid attacks are purely hypothetical for almost everyone, and suggesting that TPM is necessary to protect against them is dishonest. TPM is a much greater threat than any it purports to protect against.
Almost everyone just means home users and those don't matter much to Microsoft anyway, corporate is where the big money is.